TechConnect

3.3

Data Protection Officer

Jakarta
  • Lead the enterprise-wide data protection strategy, ensuring full compliance with UU PDP, GDPR, ISO 27701, and all applicable national and international privacy regulations.
  • Authorize data protection policies, privacy frameworks, data processing agreements, and binding corporate rules across all business entities and subsidiaries.
  • Strategize and oversee the implementation of Privacy by Design and Privacy by Default principles across all new products, systems, processes, and digital transformation initiatives.
  • Synergize with C-Suite, Board of Directors, Legal, IT, Compliance, and Business Units to embed privacy governance into organizational culture and decision-making.
  • Lead and manage Data Protection Impact Assessments (DPIAs), Records of Processing Activities (RoPAs), and privacy risk assessments across the organization.
  • Negotiate and authorize data sharing agreements, data processing agreements (DPAs), and cross-border data transfer mechanisms with third parties and regulatory bodies.
  • Strategize and lead the organization’s response to data subject rights requests (access, erasure, portability, objection) and personal data breach incidents, including regulatory notifications.
  • Lead engagement with regulators, including the National Data Protection Authority (Kominfo/BSSN), and serve as the primary point of contact for all regulatory inquiries and audits.
  • Authorize and oversee privacy training programs, awareness campaigns, and capability uplift initiatives for all staff levels, including senior leadership.
  • Synergize with the Cybersecurity and IT GRC functions to ensure alignment of information security controls with privacy obligations, including ISMS (ISO 27001) and PIMS (ISO 27701) programs.
  • Lead the development and continuous improvement of the organization’s privacy maturity model, benchmarking against global best practices and frameworks.
  • Strategize on emerging technology risks related to AI, Cloud, IoT, and Mobile, ensuring privacy considerations are proactively addressed across the technology landscape.
  • Lead the development and operationalization of a Data Security Framework covering data classification, Data Loss Prevention (DLP), encryption standards, and access governance in coordination with the CISO and Cybersecurity function.
  • Oversee and authorize cybersecurity-related privacy risk assessments including third-party vendor security reviews, cloud security assessments, and technology due diligence for data-intensive systems and digital platforms.
  • Lead coordination with the Security Operations Center (SOC) and CSIRT on personal data breach detection, containment, and regulatory notification procedures under UU PDP and applicable sectoral regulations (including BSSN directives).

Requirements
  • Bachelor’s degree in Law, Information Technology, Computer Science, Cybersecurity, or a related field; Master’s degree or postgraduate qualification in Data Privacy, Information Security, or Law is highly preferred.
  • Minimum 10 years of progressive experience in Data Privacy, Cybersecurity, IT GRC, or a related discipline, with at least 2 years in a senior DPO, privacy advisory, or data governance leadership role.
  • Demonstrated expertise in Indonesian Personal Data Protection Law (UU PDP No. 27 Tahun 2022) and GDPR, with a proven track record of regulatory compliance implementation across large or complex organizations.
  • Strong capability to lead, design, and authorize enterprise privacy programs including DPIAs, RoPAs, privacy risk assessments, and incident response frameworks.
  • Proven ability to synergize with and advise at Board and C-Suite level, translating complex privacy and regulatory requirements into strategic business guidance.
  • In-depth knowledge of international privacy and security standards and frameworks including ISO 27701, ISO 27001, NIST Privacy Framework, NIST CSF, COBIT, and PCI-DSS.
  • Experience in negotiating data processing agreements, cross-border transfer mechanisms, and regulatory submissions with government authorities and regulators.
  • Broad understanding of cybersecurity domains including Cyber Strategy, Security Architecture, Cloud Security, DevSecOps, OT/ICS Security, and Emerging Technology Risks (AI, IoT, Mobile, Cloud).
  • Strong knowledge of IT Audit, IT Risk Management, IT Governance, Enterprise Architecture, Business Continuity Management (ISO 22301), and Digital Transformation.
  • Excellent executive communication, stakeholder management, and cross-functional leadership skills, with the ability to influence and drive change at all organizational levels.
  • Demonstrated experience in acting as an Independent or External Advisor to Boards, Audit Committees, or regulatory bodies is a strong advantage.
  • Professional certifications required: one or more of CIPP/E, CIPM, FIP, CDPO, or equivalent privacy credentials. Additional preferred certifications include CISM, CISSP, ISO 27001 LA, ISO 27701 LA, ISO 22301 LA, GRCP, GRCA, CCSK, or OT Privacy Expert.

Benefits
  • Private Health Insurance
  • Pension Plan
  • Training & Development
  • Performance Bonus

3.3
  • 52 %
    Recommend to a friend
  • 72 %
    Approve of CEO
  • CEO: Alfons Blank-Aschauer
    4 Ratings